Critical severity9.8NVD Advisory· Published Mar 30, 2018· Updated Jun 17, 2026
CVE-2017-14883
CVE-2017-14883
Description
In the function wma_unified_power_debug_stats_event_handler() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-18, if the value param_buf->num_debug_register received from the FW command buffer is close to max of uint32, then the computation performed using this variable to calculate stats_registers_len may overflow to a smaller value leading to less than required memory allocated for power_stats_results and potentially a buffer overflow while copying the FW buffer to local buffer.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- Range: <2017-10-18
- Range: <2017-10-18
- Qualcomm, Inc./Android for MSM, Firefox OS for MSM, QRD Androidv5Range: All Android releases from CAF using the Linux kernel
Patches
Vulnerability mechanics
References
2- source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/nvdPatchThird Party Advisory
- source.android.com/security/bulletin/pixel/2018-02-01nvdVendor Advisory
News mentions
0No linked articles in our index yet.